Move GitHub API access tokens to a header? #177
Description
It looks like we pass along an API user's token on the query string (via params), but I think this is deprecated and may stop working in late 2020, or even sooner during scheduled "brownouts".
It appears all of these calls are routed through our API wrapper, and ultimately forced through a single bottleneck in _WSWrapper._do_http. Maybe we could take this opportunity to examine params and move any auth_token value from there to an Authorization: token $TOKEN header added to _JSON_HEADERS.